Overview of time tracking systems

Hi, Habr! I want to share my test results of time tracking systems.

In our cozy high-tech company, the bosses were preoccupied with the control of working time and employee efficiency. And I had the task of providing a comparison and a conclusion about the suitability for use and functionality of such systems.
')
Of course, I was not very happy about the prospect of the appearance of such a system in my workplace, since I think that the work of an employee should be judged by the result, and not by formal indicators. I hope the data I collected, especially the results of the system bypass testing, will help a colleague who is in my place convince his management that such solutions are ineffective.

How I tested the system bypass.

All programs evaluate the presence of an employee in the workplace according to the time that has passed since the last keystroke or mouse movement. Some see that the program was active at that time, with a division into productive and non-productive. Some take screenshots of screens or record videos of work. Mouse-tied razors are not our method, our users are all advanced, so AutoIt was taken and a small script was written imitating a primitive, but the real work — reading the documentation, viewing the report, if the employee is being watched, what he does will be visible without such programs, and if someone from time to time looks through several screenshots, then notice that the script worked, and not the person - is unreal. Especially, if you turn it on not for the whole day, but for 20-30 minutes of additional rest). Yes, the program was called iexplore.exe, well, who will compare the number of open tabs and processes with this name).

Script

SRandom(@MSEC) opt("MouseCoordMode",0) Sleep(3000) While true if random(0,3,1)=2 then Sleep(Random (1000,5000,1)) Send("{PGDN}") Else Sleep(Random (500,1500,1)) $aPos = MouseGetPos() MouseMove($aPos[0] + Random(300)-115, $aPos[1] + random(300)-110) $aPos = MouseGetPos() MouseMove($aPos[0] + Random(314)-117, $aPos[1] + random(310)-115,3) Sleep(Random (1000,5000,1)) EndIf WEnd 

When conducting a detour of systems, it turned out that a couple of tested programs do not perceive the actions of the AutoIt script as user actions. It was decided to hardware emulate the user using the available tools. The main condition was the imitation of activity similar to the real one. The Arduino Due board was found in the bins and a small program was written similar to our AutoIt script.

Program

 #include <Keyboard.h> #include <Mouse.h> void setup() { Mouse.begin(); Keyboard.begin() ; } void loop() { delay(random(6000)+1000); if (random(0,4)==1) { Keyboard.write(0xD6); delay(random(4000)+4000); } else { Mouse.move(random(6)-3, random(6)-3, 0); delay(100); Mouse.move(random(6)-3, random(6)-3, 0); delay(random(2000)+2000); } } 

So, the review.

I’ll say right away that the option of collecting data to the cloud was not considered for security reasons, and confidentiality, not everyone is ready to share personal data, etc. Because of this, the review presents systems that have a local version. Those systems that have a local server declared, but failed to get it for testing, are placed at the end of the list. Their parameters may not be objective, because are based on the results of a “survey, not a measurement.”

Here are the criteria that I added to the comparison.

1. Title.
2. A source of information. Site, mention on the swag.
3. Principle of operation. General description of the work, and the specificity of the data collected.
4. Flexible schedule. The possibility of flexible graphics. For example, came from 8 to 10:30 left from 17 to 20, lunch 30-40 minutes at any time.
5. Vacation requests, day off Timesheet Opportunity to mark days as vacation, day off, business trip ... What documents the system generates for QA accounting.
6. API availability.
7. Reports. What are the reports and how informative they are.
8. OS and DB with which the program works.
9. Integration with AD. How to configure, whether users need to enter a password, whether the system understands which user is working on the computer.
10. Settings. What you need to configure to start the system.
11. Lots of custom multi computer mode. Is the system able to recognize the work of several users on one computer-terminal server or one user on several computers?
12. Work through the Internet network. Information about the publication and encryption of the connection when transferring data between the client and the server. NAT settings.
13. Access to statistics. Having the ability to provide the user with access to their own statistics and the ability to assign roles that delimit access.
14. Bypass system. The results of testing our script.
15. For the observed. How the user can determine that the client is installed on the computer.
16. Price.
17. Screenshot of the program window. The screenshot shows the statistics collected during the night, in which the user's actions were simulated by the script (or the arduino board).

Kickidler

www.kickidler.com
habrahabr.ru/company/kickidler
Principle of operation. Hidden agents are installed on employees' computers, which record video from the screen, keystrokes and running applications. Efficiency is set for each application. The administrator can remotely manage users' computers. The main window of the program is a view on the monitors of employees in real time.
Flexible schedule. The program is not possible to set the schedule.
Vacation requests are time off. Timesheet Requests and reports for accounting are absent.
API availability. Not.
Reports. Reports display the most used programs and sites. The reports are not informative, they are not designed to monitor the work schedule of employees. There is filtering in the reports. When viewing employees' monitors, up to 16 monitors are simultaneously placed on the screen, which will be a problem if you need to monitor the work of employees in real time in companies with large staff.
OS and DB. The Kickidler server runs under Windows OS and PostgreSQL database. There is a version of the server for Linux, but it has limited functionality.
Integration with AD. Not.
Settings. For the system to work, you must install the server and agents on users' computers. To access the recorded video, a separate program “Viewer” is used, which must be installed by employees who will monitor the collected data. If the system is deployed locally, then a local licensing server is required.
Lots of custom multi computer mode. Identification occurs by user login and workstation name.
Work through the Internet network. The program requires access to my.kickidler.com, through which the server, grabers and viewers are synchronized and the license is checked. In a local installation, this address should lead to a local licensing server. Declared ssl support.
Access to statistics. Providing users with access to statistics for self-monitoring is impossible. Access to the statistics and recorded video occurs through the program Viewer. For the Viewer to work, you need to select which users are allowed to access in the admin panel.
Bypass system. The script works, the activity is taken into account. Through the use of a random pause, the activity schedule is also changing. You can track the use of the script only when watching a video of repetitive actions, in this case the complication of the script will help.
For the observed. The presence of the agent can be determined through the task manager for the processes grabber.exe, grabberAgent.exe, grabberSubAgent.exe. The default path is C: \ Program Files (x86) \ TeleLinkSoftHelper.
Price. Cloud version: 500 rubles per month for one employee. 10,000 rubles per employee, without time limit. Local version: Price on request.

StaffCop

www.staffcop.ru
habrahabr.ru/company/atompark_software
Principle of operation. A hidden agent is installed on employees' machines, which collects information about activity, running processes, visited sites, keyboard shortcuts, file access, received and sent email messages and instant messengers. Mail interception is possible via unencrypted protocols, the supported messenger protocols are outdated (ICQ, MSN Messenger, Mail.ru Agent ...). It is possible to make periodic screenshots.
Flexible schedule. There is no possibility to set the schedule.
Vacation requests are time off. Timesheet Requests and reports for accounting are absent.
API availability. Not.
Reports. Reports are divided according to the type of data collected (screenshots, processes, search queries, visited pages, instant messengers messages, keyboard presses ...). There is filtering by period or keyword. The program collects a lot of data, but does not independently evaluate the user's actions, which is why the report does not have sufficient information.
OS and DB. The server runs under Windows, uses a simple file database.
Integration with AD. Not.
Settings. The program is distributed as an executable file, without binding to the servers of the developer. Therefore, the program server is deployed locally. Agents can be installed removed, for this you must have administrator rights to remote machines. If the agents were installed manually, the server must specify the IP addresses of the machines from which the data should be collected.
Lots of custom multi computer mode. Statistics collected by computer.
Work through the Internet network. The server collects data from agents, so employees' computers should not be behind NAT. The connection between the server and the agent is encrypted, the algorithm could not be determined.
Access to statistics. Statistics are displayed in the server application. No access via web interface. Providing employees with access to statistics is impossible.
Bypass system. StaffCop did not perceive the AutoIt script as a user action. Therefore, a detour was made using the Arduino board which emulated a keyboard and mouse.
For the observed. The presence of an agent can be determined through the Task Manager for the running Scheduler service and the SchedulerSVC.exe process. The installation path of the agent C: \ Program Files (x86) \ StaffCop.
Price. Cloud version no. Local version: 1300 rubles for 1 user, unlimited.

Manictime

www.manictime.com
Principle of operation. The installed agent collects data on the operating time of the PC and the programs used (only with a graphical shell) and sites. Also, the agent is able to take screenshots.
Flexible schedule. The schedule indicates the start and end times or the number of hours of work per day. You can create multiple schedules.
Vacation requests are time off. Timesheet There are no applications, but there are tags that can mark your time. With their help, you can celebrate time off, etc. There is an “Attendance” report that shows the number of employee days worked.
API availability. To access and manipulate server data, you can use the HTTP API.
Reports. Not many reports. They are divided into two types: work time (start / end, processing ...), and productivity (used websites, programs, documents, productivity statistics).
OS and DB. The server works under Windows. The default is SQLite. For a large number of users (more than 5 - the recommendation of the developers), you must use PostgreSQL or Microsoft SQL Server.
Integration with AD. You can get a list of users from AD. This will allow not to drive in manually user names.
Settings. When installing the server, you must choose which database to work with. The DBMS must be configured before installing the server (except SQLite). In the agent, you must specify the address of the server where to send the statistics.
Lots of custom multi computer mode. The system identifies the user by computer name and login.
Work through the Internet network. To access the server, an open port 8080 is required (can be changed). To protect the connection, you can enable https, in which you will need to specify your certificate or use the standard one.
Access to statistics. It is possible to provide access to statistics for employees through a web interface. There is also access to personal statistics through the client application, if it is not in stealth mode. It is possible to give access rights to the statistics of the entire department.
Bypass system. The bypass script works, activity is taken into account, it is impossible to track the use of the script.
For the observed. In normal mode, the agent is visible in the tray. If the agent is in stealth mode, you can determine its presence through the task manager. The process is called ManicTime Client, the standard installation path is C: \ Program Files (x86) \ ManicTime.
Price. The price is the same for the local and cloud versions: $ 67 per user, perpetual.

Skypetime

skypetime.ru
habrahabr.ru/post/272701
Principle of operation. SkypeTime receives employee status data from the Skype For Business server, so you do not need to install agents on employees' machines. Because of this concept, the amount of data collected is much less than the considered counterparts, it is: employee time at the computer and from which machine the input is made.
Flexible schedule. The schedule indicates the time of the beginning and end of the working day and the number of hours that must be worked per day. It also indicates the duration of the lunch break and the time late. You can create multiple schedules that can be set for both the department and the employee.
Vacation requests are time off. Timesheet An employee can create applications that will be reviewed by management. For accounting there is a report “Worktime” in which the working time for each day is indicated.
API availability. Not
Reports. Reports provide information on employee and department work hours, on events (late arrival, absence and early departure), on staff holidays (vacations, time off, sick leave ...), on devices used to log in and remote sessions. There is filtering in the reports.
OS and DB. The program works on Windows and with the MySQL database.
Integration with AD. Since the Skype For Business server is integrated with AD, a separate integration is not required.
Settings. To get started, you need to install a web server, install SQL Server, provide read access to the Skype For Business database, deploy a database, provide access to the database, and set up publications.
Lots of custom multi computer mode. The system recognizes users by usernames that are used to sign in to Skype For Business. Information on the computers from which the input was made will be available in the statistics.
Work through the Internet network. When setting up a publication, you can enable SSL.
Access to statistics. It is possible to provide employees with access to statistics through a web interface. You can assign department managers.
Bypass system. To bypass the system using a script or arduino is not required. It is enough to maintain the status of Skype "Online". It is possible to track absence at the workplace only in cases if the call is missed. The missed call will be displayed on the employee’s work schedule, which may result in more attentive attitude to the work of the employee.
For the observed. Client computers do not install the client application, which makes it impossible to determine whether SkypeTime is being used.
Price. The price starts from 300 rubles per user.

Yaware.TimeTracker

yaware.ru
Principle of operation. The installed agent collects data on the time of work, and the programs used, and the sites. For each program or site its productivity is set (“Productively”, “Neutral”, “Not Productively”). Based on this data, reports on employee productivity and working time efficiency will be generated. The program has the ability to make regular screenshots and webcam snapshots.
Flexible schedule. You can set the time of the beginning and end of the working day, and the time that you need to work out so that the day would be counted. The program supports two graphics options. “Standard week” - fixed working days. “Work in shifts” - allows you to customize the schedule of the employee, if his working days are not tied to the days of the week.
Vacation requests are time off. Timesheet There are no applications, the manager himself sets up events (vacation, sick leave), you can indicate both a specific person and a department. For a report to the accounting department, the program provides reports: “Time Sheet”, “Attendance Report”.
API availability. There is an API that allows you to independently implement access to the collected statistics using HTTP requests.
Reports. The program has a lot of reports both in terms of work time and in terms of efficiency. Some reports display similar information. It is possible to display a report for a certain period. Data from reports can be exported to XLS, CSV, PDF.
OS and DB. It was not possible to determine on which OS and from which DB the local server is running.
Integration with AD. Not.
Settings. For the cloud version, install the client. Information on setting up the local version could not be obtained.
Lots of custom multi computer mode. Yaware identifies the user by username and computer name. If you change your login or change to another machine, it will be recognized as a new user. Users can be combined.
Work through the Internet network. The agent and the server are connected via the http and https protocol. SSL is used for protection. In the local version, you can choose your SSL certificate. The SSL certificate protects both the agent’s connection to the server and the connection to the web panel.
Access to statistics. It is possible to provide an employee with access to his statistics. Brief statistics can be obtained from the agent, if it is not in stealth mode. More detailed statistics are displayed in the web interface. It is possible to appoint a department manager.
Bypass system. The script works, the activity is counted, in the applications used the script does not appear.
For the observed. By default, the agent is displayed in the tray; there is an option on the server to hide the agent. In this case, the presence of the agent can be found in the Task Manager for the processes YaService.exe and YaUpdate.exe and the service Yaware.TimeTracker Collector Service.
Price. Cloud version: 450 rubles per month per employee. Local version: $ 4800 for 50 jobs, $ 96 for an additional workplace.

Crocotime

crocotime.com
Principle of operation. The agent collects data on time at the computer, and applications used, and sites. Programs without a graphical interface are not taken into account. Applications can be divided into effective and not effective. It is possible to enable periodic screenshots.
Flexible schedule. In the schedule, you can specify the time of the beginning and end of the working day, or just the number of hours per day. Lunch time is hard.
Vacation requests are time off. Timesheet No applications. The manager can determine the reason for the absence: business trip, sick leave, day off, vacation, absenteeism. By default, in the absence of the program puts "go". For accounting, there is a report "Table", which indicates which days are worked and how many hours.
API availability. There is a Web API that allows you to interact with the server using HTTP requests.
Reports. Reports provide information on the performance of both the company and the employee, the structure of the day, the programs used, the types of tasks, projects, deviations from working hours. The reports can filter by employees (departments), and by time (day, week, month).
OS and DB. The server runs on Windows. The default database is SQLite, but it is possible to upgrade to PostgreSQL. Migration in the opposite direction is not possible.
Integration with AD. There is an opportunity to load users from AD. This will relieve the administrator of the need to manually enter employee data (name, email ...) and the structure of departments in the system. It will also allow users to log in to the domain name monitoring system using Kerberos authentication. You can not unload the entire structure, but only a part.
Settings. To configure, just install the server and agents.
. . Crocotime ( ) ( ). , .
. 8085. SSL, .
. . -. ().
. . AutoIt . Arduino, .
.
agent_service64.exe CrocoTime Agent. C:\Program Files\CrocoTime Agent.
. : 150 . : .

TimeCamp

www.timecamp.com
. , . . , .
. , / . . , .
. . , (, , …) . «», .
API. API, HTTP . , (, Visual Studio).
. . , , . , .
. , .
. Not.
. .
. . timecamp.com.
. SSL. , NAT .
. -. : , , .
. AutoIt. TimeCamp .
. . timecamp.exe reshost.exe. C:\Users\UserName\AppData\Local\TimeCamp.
. : 10$ . .



. . . , . , , , , .

, , .